package com.at7122.security_demo.config;

import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;

import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.security.provisioning.InMemoryUserDetailsManager;


@Configuration //spring配置类
@EnableWebSecurity //启动spring Security 的安全支持 自动加载关键安全组件 SecurityFilterChain
public class SecurityConfig {

    /**
     * 内存用户配置
     * UserDetailsService : spring security 的核心接口，用于加载用户数据（用户名，密码，权限等）
     */
    @Bean
    public UserDetailsService users() {
        //创建基于内存的用户管理器
        InMemoryUserDetailsManager manager = new InMemoryUserDetailsManager();
        manager.createUser(
            User.builder().username("swj").password(passwordEncoder().encode("1234")).roles("USER").build()
        );
        System.out.println(passwordEncoder().encode("1234")); //打印加密后的密码看看
        return manager;
    }

    //添加密码编码器bean
    @Bean
    public PasswordEncoder passwordEncoder(){
        return new BCryptPasswordEncoder();
    }
}